Security Engineer
New York, NY

Job Description

Who are we?

Since its founding in 2004, KIND has been on a mission to make the world a little kinder one snack and one act at a time. KIND was born out of its founder's desire to create a snack that was healthy and tasty, wholesome and convenient. What began as a line of premium Fruit & Nut bars sparked the creation of an entirely new healthier snacking category. Today, KIND has a family of snacks that offer solutions for a variety of different occasions.

We love making snacks that delight people's taste buds and fuel their bodies, and we also love inspiring kindness in communities everywhere. As a not-only-for-profit company, we've always believed that there's more to business than just profit.

We're looking for passionate collaborators to help us become the foremost leader in health & wellness and positively impact society along the way. If you're looking to be a part of an inspiring, energetic and entrepreneurial environment, you've found the right place.

What you'll do

As the IT Security Engineer, you will be responsible for helping protect KIND, its data and its systems from cyber threats. In this role, you'll assist with cyber security tasks, and analyze and remediate any cyber security risks to the business. You will also focus on GRC/DLP tasks, where you will be essential for ensuring that KIND's data remains secure and that we comply with any industry regulations as applicable to our organization.

And this is how you will do it…

Cybersecurity engineering operations, enhancement and monitoring:

* Conduct various engineering tasks such as penetration testing, vulnerability scanning/management, scripting and automation, log management, antivirus software management and security alert monitoring
* Complete e-discovery and forensics tasks as needed for the business
* Execute penetration testing and incident response planning/tasks as needed for the organization
* Participate in in the monitoring and management of enterprise security tools such as firewalls, anti-virus, forensic application, etc.
* Perform web application security and source code reviews, as well as any system configuration hardening as requested by the business.

Assist in Risk Assessment and Management for the Business:

* Aid in reviewing new application/tools for the business and identifying any areas of IT Security risks/concerns.
* Participate in reviewing the security design and architecture of KIND's applications and infrastructure and suggest/perform enhancements as needed.
* Assist in developing IT Security Training courses and information for end users.
* Analyze and develop metric reports to identity trends or areas of concerns in IT security tools and work on remediation plans.
* Conduct risk assessments on departments in the organization, document areas of concern, and research way to mitigate/resolve risks.

What you'll bring to KIND

* IT Security experience and knowledge from your previous roles
* Fresh perspective and an insatiable curiosity.
* A commitment to excellence!

You are…

* A collaborator who is comfortable working in a team setting, as well as, a results-oriented self-starter.
* Detail oriented with strong organizational, analytical and problem-solving skills.
* Able to adapt and respond to changes and challenges in a fast-paced environment.
* Curious with a constant desire to learn and overcome any obstacles that may impact your goals.

You have…

* Bachelor's degree in IT Security or Computer Science related field
* Minimum 5-7 years of experience operating in an IT Security role and a total of 7-9 years of general IT experience
* Demonstrated experience in penetration testing, vulnerability management, and web application security testing
* Proficiency with at least one programming or scripting language (PowerShell, Python, C++, etc.)
* Strong comprehension of cryptography (including PKI) and the common behaviors and attributes of malware
* Familiar with risk management, DLP, and GRC concepts and methodologies, network security and architecture



Pluses

* Certifications in any of the following areas: Offensive Security Certified Professional/Expert (OSCP/OSCE) ,CISSP, CCIE, LPT, ITIL, Cobit
* Experience with Wireshark and Snort platforms, including regex knowledge
* Extensive experience configuring and managing log management and SIEM solutions
* Advanced knowledge of Nessus, Metasploit, and Kali Linux
* Experience reviewing source code for security flaws and conducting web application security assessments

What KIND offers

* Competitive compensation, including equity in KIND!
* Flexible Paid Time Off. Choose what works best for you, including summer hours
* Excellent health, dental & vision insurance, with options to fit you & your family's needs
* Your health is important! Our wellness strategy focuses on mental and physical wellbeing through in office programs like Drs, Nutritionists, Mindfulness, Chair Massages & others
* Casual office dress code - feel free to wear your KIND gear
* Stock up on your favorite KIND bars to share with your family & friends, through a quarterly voucher redeemable on ks.com
* Training & tuition reimbursement program, because continuing to learn matters and we support your development
* A dynamic, ambitious, fun and KIND work environment
* The opportunity and responsibility to be KIND everyday